package com.cicigodd.brick.plug.security.operate;

import com.cicigodd.brick.plug.cache.api.RedisCacheServiceApi;
import com.cicigodd.brick.plug.common.entity.LoginUser;
import com.cicigodd.brick.plug.common.exception.AuthException;
import com.cicigodd.brick.plug.security.api.PermissionServiceApi;
import org.springframework.stereotype.Service;

import javax.annotation.Resource;

/**
 * 权限相关的service
 *
 * @author cicigodd
 * @date 2022/09/23 08:42:00
 */
@Service
public class PermissionServiceImpl implements PermissionServiceApi {

    @Resource
    private RedisCacheServiceApi<LoginUser> loginUserCache;

    @Override
    public void checkPermission(String token, String requestUrl) {

        // 1. 获取token对应的用户信息
        LoginUser session = loginUserCache.get(token);
        if (session == null) {
            throw new AuthException("当前登录会话过期，请重新登录");
        }

        // 2. 验证用户有没有当前url的权限
//        Set<String> resourceUrls = session.getResourceUrls();
//        if (resourceUrls == null || resourceUrls.size() == 0) {
//            throw new ServiceException("权限校验失败，请检查用户是否有该资源的权限");
//        } else {
//            if (!resourceUrls.contains(requestUrl)) {
//                throw new ServiceException("权限校验失败，请检查用户是否有该资源的权限");
//            }
//        }
    }

}
